Secure tokens are small devices comprising a memory, a microprocessor and an operating system for computing treatments. In general, secure tokens comprise a plurality of memories of different types. For example, they may comprise memory of RAM, ROM, EEPROM or Flash type. Secure tokens have limited computing resources. For example, smart cards are secure tokens.
A wireless local area network links two or more devices through a wireless protocol. An access point (also named hotspot) allows connecting the WLAN. Additionally, the access point may be connected to public or private networks. A WLAN provides networks access to user which may be static or mobile in a local area. Such hotspots can be found in hotels and trains for example. One of the most popular wireless LANs is the Wi-Fi™ defined by the Wi-Fi Alliance and specified in the group of IEEE 802.11 standards. Access to hotspots may be limited by security mechanisms like the Wired Equivalent Privacy (WEP) or the Wi-Fi Protected Access (WPA).
The Extensible Authentication Protocol Method for GSM Subscriber Identity Module, or EAP-SIM, is an Extensible Authentication Protocol (EAP) mechanism for authentication and session key distribution using the Subscriber Identity Module (SIM) from the Global System for Mobile (GSM) Communications. The EAP-SIM is defined by ETSI TS 102.310.
The Extensible Authentication Protocol EAP-SIM protocol allows an access point to get data from a SIM in order to exchange authentication data with an authentication server that interfaces with a Home Location Register (HLR) of a Telecom network. Thus authentication is run between the access point and the HLR to authenticate the user using the SIM. The EAP-SIM scheme requires that the access point has specific features dedicated to the EAP-SIM protocol for managing data exchanged with a SIM and an authentication server.
Unfortunately, a lot of access points are already deployed without EAP-SIM features.
When a user needs to use a WLAN access point, there is a need to authenticate the user using the SIM without upgrading the already deployed access points.